minor fix for ckan roles handling

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@129675 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Costantino Perciante 2016-06-30 10:22:35 +00:00
parent 77ad08ddc6
commit 30050a874b
1 changed files with 21 additions and 17 deletions

View File

@ -114,7 +114,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// for the data catalogue // for the data catalogue
public static final String CKAN_TOKEN_KEY = "ckanToken"; public static final String CKAN_TOKEN_KEY = "ckanToken";
public static final String CKAN_ROLE = "ckanRole"; // editor, admin, member public static final String CKAN_ROLE = "ckanRole"; // a true value means the user has editor/admin role, false means member
// ckan utils methods // ckan utils methods
private CKanUtilsImpl instance; private CKanUtilsImpl instance;
@ -2704,7 +2704,7 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
firstName = user.getFirstName(); firstName = user.getFirstName();
lastName = user.getLastName(); lastName = user.getLastName();
email = user.getEmail(); email = user.getEmail();
// check if he has catalogue role // check if he has catalogue role
catalogueEditor = hasUserRoleAdminOrEditor(); catalogueEditor = hasUserRoleAdminOrEditor();
}catch (UserManagementSystemException e) { }catch (UserManagementSystemException e) {
@ -3433,13 +3433,18 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
public boolean hasUserRoleAdminOrEditor() { public boolean hasUserRoleAdminOrEditor() {
ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession()); ASLSession asl = WsUtil.getAslSession(this.getThreadLocalRequest().getSession());
String username = asl.getUsername(); String username = asl.getUsername();
if(!isWithinPortal()){ if(!isWithinPortal()){
workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE"); workspaceLogger.warn("OUT FROM PORTAL DETECTED RETURNING TRUE");
asl.setAttribute(CKAN_ROLE, "editor"); asl.setAttribute(CKAN_ROLE, true);
return true; return true;
} }
if(username.equals(WsUtil.TEST_USER)){
workspaceLogger.warn("Session expired");
return false;
}
// check if this information was already into the ASL Session (true means the user has at least in one org // check if this information was already into the ASL Session (true means the user has at least in one org
// the role editor/admin), false that he is just a member so he cannot publish // the role editor/admin), false that he is just a member so he cannot publish
Boolean role = (Boolean)asl.getAttribute(CKAN_ROLE); Boolean role = (Boolean)asl.getAttribute(CKAN_ROLE);
@ -3449,9 +3454,11 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
return role; return role;
else{ else{
CKanUtilsImpl ckanUtils = getCkanUtils();
try{ try{
// first of all, check if the user is a sysadmin in the catalog (in this case he can do everything) // first of all, check if the user is a sysadmin in the catalog (in this case he can do everything)
boolean isSysAdmin = getCkanUtils().isSysAdmin(username, getUserCKanTokenFromSession()); boolean isSysAdmin = ckanUtils.isSysAdmin(username, getUserCKanTokenFromSession());
if(isSysAdmin){ if(isSysAdmin){
@ -3468,9 +3475,9 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
// we need to iterate over vres of the user // we need to iterate over vres of the user
List<GCubeGroup> groups = groupManager.listGroupsByUser(userManager.getUserId(username)); List<GCubeGroup> groups = groupManager.listGroupsByUser(userManager.getUserId(username));
workspaceLogger.debug("The list of organizations of the user " + username + " is " + groups); workspaceLogger.debug("The list of organizations of the user " + username + " is " + groups);
boolean toReturn = false; boolean toReturn = false;
for (GCubeGroup gCubeGroup : groups) { for (GCubeGroup gCubeGroup : groups) {
@ -3506,16 +3513,16 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
continue; continue;
// with this invocation, we check if the role is present in ckan and if it is not it will be added // with this invocation, we check if the role is present in ckan and if it is not it will be added
toReturn &= getCkanUtils().checkRole(username, groupName, correspondentRoleToCheck); toReturn &= ckanUtils.checkRole(username, groupName, correspondentRoleToCheck);
} }
// set true in the asl session // set true in the asl session
workspaceLogger.debug("Setting CKAN_ROLE for " + username + " to " + toReturn); workspaceLogger.debug("Setting CKAN_ROLE for " + username + " to " + toReturn);
asl.setAttribute(CKAN_ROLE, toReturn); asl.setAttribute(CKAN_ROLE, toReturn);
return toReturn; return toReturn;
} }
}catch(Exception e){ }catch(Exception e){
workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e); workspaceLogger.error("Unable to retrieve the role information for this user. Returning FALSE", e);
} }
@ -3536,25 +3543,22 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
* @return String the ckan user's token * @return String the ckan user's token
*/ */
private String getUserCKanTokenFromSession(){ private String getUserCKanTokenFromSession(){
HttpSession httpSession = this.getThreadLocalRequest().getSession(); HttpSession httpSession = this.getThreadLocalRequest().getSession();
ASLSession session = WsUtil.getAslSession(httpSession); ASLSession session = WsUtil.getAslSession(httpSession);
String username = session.getUsername(); String username = session.getUsername();
workspaceLogger.debug("User in session is " + username); workspaceLogger.debug("User in session is " + username);
String token = null; String token = null;
if(this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY) != null) if(session.getAttribute(CKAN_TOKEN_KEY) != null)
token = (String)this.getThreadLocalRequest().getSession().getAttribute(CKAN_TOKEN_KEY); token = (String)session.getAttribute(CKAN_TOKEN_KEY);
else{ else{
token = getCkanUtils().getApiKeyFromUsername(username); token = getCkanUtils().getApiKeyFromUsername(username);
this.getThreadLocalRequest().getSession().setAttribute(CKAN_TOKEN_KEY, token); session.setAttribute(CKAN_TOKEN_KEY, token);
workspaceLogger.debug("Ckan token has been set for user " + username); workspaceLogger.debug("Ckan token has been set for user " + username);
} }
workspaceLogger.debug("Found ckan token " + token.substring(0, 3) + "********************" + " for user " + username);
workspaceLogger.debug("Found ckan token " + token + " for user " + username);
return token; return token;
} }
@Override @Override